This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Remove HTTPS control

  • 3 replies
  • 18 have this problem
  • 2 views
  • Last reply by rman31

more options

Hi,

I have an issue when I try to connect to HTTPS site: "Connexion is not secured

Owner have badly configured their web site, etc etc "

With IE and Chrome no issue. I know that my issue is due to my entreprise firewall replacing certificat by its own, leading Firefox to block the connexion. My question is to know if there is a way to deactivate this control in config parameters?

Thanks in advance for your support Rman31

Hi, I have an issue when I try to connect to HTTPS site: "Connexion is not secured Owner have badly configured their web site, etc etc " With IE and Chrome no issue. I know that my issue is due to my entreprise firewall replacing certificat by its own, leading Firefox to block the connexion. My question is to know if there is a way to deactivate this control in config parameters? Thanks in advance for your support Rman31

Chosen solution

OCSP hos no impact but.... security.enterprise_roots.enabled is working!!!!

Thank you so much for your assistance.

Have a good day Rman31

Read this answer in context 👍 1

All Replies (3)

more options

I suspect the page was already visited in Firefox on a connection that doesn't employ a man-in-the-middle attack (because that's what the enterprise firewall is doing). There is this security feature called OCSP, where information about server TLS/SSL certificates is distributed. Firefox consults this information for further validation of certificates. It might help your cause if you disable it via the configuration key security.OCSP.enabled.

Another security feature is HSTS (HTTP Strict Transport Security), which tells browsers to never connect via unsecure connection. As a result, the tampered connection the enterprise firewall is employing would be blocked. HSTS cannot be turned off. You have to make Firefox forget about it by creating a new profile.

Please let me note that the enterprise firewall behavior is very fishy. You shouldn't need to tamper with the secure connections and you certainly shouldn't follow the advice above and turn off OCSP. Rather, I encourage you to seek a different solution which secures your goals while not sacrificing browser security. For example, you could block all HTTPS traffic, while allowing only certain targets.

more options

Try to contact your IT department and ask them how you can install the root certificate in the Firefox Certificate Manager to make it possible for Firefox to build a valid certificate chain.

You can also try to set this pref to true on the about:config page.

  • security.enterprise_roots.enabled = true

You can open the about:config page via the location/address bar. You can accept the warning and click "I accept the risk!" to continue.

Modified by cor-el

more options

Chosen Solution

OCSP hos no impact but.... security.enterprise_roots.enabled is working!!!!

Thank you so much for your assistance.

Have a good day Rman31